bc8ed69a51fa656a86b480d4c9f60e40_JaffaCakes118 | Triage

Sharing

General

Target

bc8ed69a51fa656a86b480d4c9f60e40_JaffaCakes118
Size

95KB
MD5

bc8ed69a51fa656a86b480d4c9f60e40
SHA1

0c6787d228091bb236b98bf8d43811ab97b139da
SHA256

8bb8495d419a8ff62130da67c41b7446f73aaa47c672c0df13af138a37a2be74
SHA512

e7a20e8ef360d0b143b9dba55785be3342c842b7c300328a7e8e527b4ed69c9bd6d589ab5450636e2a58211f393075068db47b7d3f88b3cca4de422e10b6940c
SSDEEP

1536:/Fjols9p/3QBxuVhgB3jyRG4uiaLewg7WLGGM+pR1Iioqlu/0RolDuuMttkEqzRx:ey9p/grGKB3C0ewQWLGGMEUqG0RMKeRx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Culo.exe

Files

bc8ed69a51fa656a86b480d4c9f60e40_JaffaCakes118
.zip
Culo.exe
.exe windows:4 windows x86 arch:x86

428ecb5fc725480867c55028814a2812

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaVarForInit
ord593
ord594
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrR4
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord535
__vbaI2Var
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarDup
_CIatan
__vbaStrMove
ord618
_allmul
_CItan
__vbaFPInt
__vbaVarForNext
_CIexp
__vbaFreeObj
ord581

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 958B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ